<?php
session_start();
include("load-settings.php");

if(!isset($_SESSION['user']))
	header("Location: login.php");

$user = $_SESSION['user'];

if(!isset($_POST['order']))
	header("Location: home.php");

$order = mysql_real_escape_string($_POST['order']);
$summary = mysql_real_escape_string($_POST['summary']);

mysql_query("INSERT INTO ticket (user, order_record, summary) VALUES ($user, $order, '$summary')");

header("Location: home.php");
?>